My keynote for Ethereum Devcon: without the rule of law, crypto fails

I was one of the keynote speakers at last week's Ethereum Devcon in Prague, where I gave a talk called "Decentralize, Democratize, or Die," about the way that bad tech policy (crypto backdoors, the DMCA's ban on security disclosures, etc) come from weak states where the super-rich get to call the shots, and how things like money-laundering creates these weak states. The core message: if you don't figure out how to make more pluralistic, less plutocratic states, you will never get the kind of information security you need for your blockchain systems to thrive. Read the rest

French spy used darknet to sell access to national mass-surveillance databases

A cop working for the Direction Générale de la Sécurité Intérieure (the French national domestic surveillance agency) used the darknet marketplace Black Hand to sell access to France's prodigious national surveillance apparatus to criminals: give him a phone number and he'd track its location; give him a name and he'd tell you whether that person was under police investigation and disclose the contents of the associated files; he'd also sell you everything you needed to forge papers and other official documents (he took payment in Bitcoin). Read the rest

Anatomy of a Reddit cryptocurrency spam-factory

A guy named "Aaron" has been pitching Reddit moderators and other influential Redditors on their participation in a lucrative scam to inflate the popularity of posts about different cryptocurrencies, using massive farms of bots that post and upvote through a network of proxies that make them seem like they're distributed all over the world. Read the rest

Interview with a cryptocurrency scammer

Adam Guerbuez is a cryptocurrency evangelist whose Youtube channel is full of videos promoting cryptocurrency trading; when he got a Twitter message from a scammer promising to send him free Ethereum coins, he asked the scammer if they could talk about the scam. Read the rest

Porn blackmailers supercharge their scam with password dumps, make bank

The porn extortion scam works like this: you get an email from a stranger claiming that he hacked your computer and recorded video of you masturbating to pornography, which he'll release unless you send him some cryptocurrency. Read the rest

For a mere $105,000, John McAfee will tweet about your cryptocurrency

Creepy (no, seriously) 1980s villain John McAfee has 812,000 Twitter followers, some of whom are not bots, and for the low price of $105,000, he will tweet to them about your cryptocurrency. Read the rest

Attacks that unmask anonymous blockchain transactions can be used against everyone who ever relied on the defective technique

In An Empirical Analysis of Traceability in the Monero Blockchain, a group of eminent computer scientists analyze a longstanding privacy defect in the Monero cryptocurrency, and reveal a new, subtle flaw, both of which can be used to potentially reveal the details of transactions and identify their parties. Read the rest

Teen's devastating bug-report on a "tamper-proof" cryptocurrency wallet shows why companies can't be left in charge of bad news about their products

Saleem Rashid is a 15 year old self-taught British programmer who discovered a fatal defect in the Ledger Nano S, an offline cryptocurrency wallet that is marketed as being "tamper-proof." Read the rest

Epidemic of cryptojacking can be traced to escaped NSA superweapon

The epidemic of cryptojacking malware isn't merely an outgrowth of the incentive created by the cryptocurrency bubble -- that's just the motive, and the all-important the means and opportunity were provided by the same leaked NSA superweapon that powered last year's Wannacry ransomware epidemic. Read the rest

Excellent explainer: how consensus algorithms (including Bitcoin/blockchain) work

The creation of "public ledgers" -- like blockchain, popularized by Bitcoin -- requires "consensus algorithms" that allow mutually untrusted, uncoordinated parties to agree on a world-readable, distributed list of things (domain names, transactions, title deeds, etc), something that cryptography makes possible in a variety of ways. Read the rest

Salon gives readers a choice: view ads or mine cryptocurrency

Salon announced this week that visitors who insist on using an ad blocker must either disable it or mine cryptocurrency for the site.

For our beta program, we’ll start by applying your processing power to mine cryptocurrencies to recoup lost ad revenue when you use an ad blocker. We plan to further use any learnings from this to help support the evolution and growth of blockchain technology, digital currencies and other ways to better service the value exchange between content and user contribution.

Your unused processing power are the resources you already have but are not actively using to it’s full potential at the time of browsing salon.com. Mining uses more of your resources which means your computer works a bit harder and uses more electricity than if you were just passively browsing the site with ads.

Who will be the first to sue Salon, claiming the mining software melted their laptop? Read the rest

Cryptocurrency-mining malware spotted on more than 4200 sites including UK, US, and Australian government sites

Security researcher Scott Helme has spotted a third-party exploit that injects a script that mines cryptocurrency on over 4,200 sites, from the UK NHS to the US Courts' official site to the sites of other esteemed security researchers. Read the rest

The latest IoT botnet displays evidence of a halfway clever botmaster

The amazing and frightening thing about the Mirai botnet's reign of terror wasn't that it was a super-sophisticated cyberweapon: rather, it was a clumsy, amateurish fuggly hack that turned out to have been produced by a couple of dum-dums with a Minecraft racket. Read the rest

Bitcoin's high valuation has ruined it as a medium of exchange

Technological limitations in the design of the Bitcoin system means that the network only processes about seven transactions per second, unless you pay someone with a lot of compute-power to log your transaction, currently at the rate of about $20/transaction. Read the rest

SEC to scrutinize public companies getting overnight bitcoin makeovers to cash in on cryptocurrency hype

The U.S. Securities and Exchange Commission today pledged to aggressively scrutinize publicly-traded companies that suddenly change their name or their business model to try to profit from the nutty hype surrounding cryptocurrency. SEC Chairman Jay Clayton threw this wet towel on the blockchain bubble Monday. Read the rest

A Japanese promoter has launched Kasotsuka Shojo, a cryptocurrency-themed all-woman "cryptopop" group

The latest launch from Japanese entertainment corporation Cinderella Academy is Kasotsuka Shojo "Virtual Currency Girls," who are billed as the first cryptopop band. Read the rest

"Financial dominatrix" orders the rich men who submit to her to operate a "crypto slave farm" to mine bitcoin

Theodora is a "financial dominatrix," a woman who sexually gratifies rich and powerful men by humiliating them with orders to give her money; in the age of cryptocurrency, she says her clients are now operating a "crypto slave farm" of cryptocurrency mining rigs built to her specification, which mine bitcoin and other cryptocurrencies for her. Read the rest

More posts